# encoding: utf-8

class SessionsController < ApplicationController
  layout 'login'
  
  skip_filter :login_required
  filter_parameter_logging :password
  
  def new
  end

  def create
    clear_login_session
    admin_user = AdminUser.authenticate(params[:user_name],params[:password])
    if admin_user
      flash[:notice] = "成功登录!"
      session[:admin_user_id] = admin_user.id
      redirect_back_or_default
    else
      flash[:error] = "帐号密码不正确!"
      redirect_to login_path
    end
  end

  def destroy
    flash[:notice] = "成功登出!"
    clear_login_session
    redirect_back_or_default
  end
end
